My database got hacked 😔

superoo7 (64) in programming • 7 years ago (edited)

I guess this is a terrible way to start a Monday, my database got hacked this morning, and the hacker wiped all the data leave a message in the database:

Your Database is downloaded and backed up on our secured servers. To recover your lost data: Send 0.2 BTC to our BitCoin Address and Contact us by eMail with your server IP Address and a Proof of Payment. Any eMail without your server IP Address and a Proof of Payment together will be ignored. You are welcome!

Why this happen?

Not setting a password

I am a lazy bum because I try to solve things the easiest way (All the programmers are lazy). So, I open up a port for my database for my own entry without setting a password. I was busy developing stuff but I don't take security as my first priority.

Accidentally push my server IP to github

Then, I accidentally push the database IP into github, with the port that connected to the database. I am so lazy that I just patch it with another commit without reverting the push file. Since GitHub is open up for everyone to check, it could be that the hacker went into there and get the server IP.

Not backing up

I plan to back up the data when I am free, not taking this issue seriously. So, the data got wiped out by the hacker and nothing is left.

Fixing it

I spend the whole morning creating a new server and setting up the bot all over again. This time, I closed up the port and setup admin user for my database.

If I take security into consideration, it would take me less than 30 minutes, rather than my whole database got wiped and the whole morning fixing.

I guess I learnt it the hard way because I was ignorant about security and saving backups.

Thanks for reading, STEEM-ON!

_{Animated Banner Created By @zord189}

programming busy teammalaysia teamaustralia steemitbloggers

7 years ago by superoo7 (64)

$6.97

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!

Sort Order:

Trending

[-]

joanstewart (65) · 7 years ago

Sorry you had to feel that pain, these hackers are super sharp today, good lessons to be shared @superoo

$0.00

[-]

superoo7 (64) · 7 years ago

Thanks for stopping by, I guess I have learn it the hard way haha.

$0.00

[-]

enjoyinglife (72) · 7 years ago

Sry to hear about it mate! But feels good to hear how fast you recovered from it and kept moving

$0.00

[-]

superoo7 (64) · 7 years ago

Thanks man. I guess I learn from the mistakes haha

$0.00

[-]

wilhb81 (76) · 7 years ago

@superoo7 Omg, you got hacked bro? Hmm, we need to be extremely careful with our own passwords...

$0.00

[-]

superoo7 (64) · 7 years ago (edited)

The problem is I din setup password

$0.00

1 vote

[-]

mountainjewel (68) · 7 years ago

oh no, that's a worst fear of mine to accidentally publish my password!! hope everything turns out ok.

$0.00

[-]

superoo7 (64) · 7 years ago

I guess everything is fine, just that the data are lost 😅

$0.00

[-]

legendchew (61) · 7 years ago

No worries. It's good that it happen now than later. Thank you for your fast recovery on the bot.

$0.00

[-]

halleyleow (53) · 7 years ago

Although I don't understand this, but I am glad everything is under control. So moral of this event is, don't be lazy, anything can happen. Need to be extra careful too.

$0.00

[-]

superoo7 (64) · 7 years ago

Haha, Thanks for stopping by. Yea I am lazy and ignorant about security. So, always put security first ✌

$0.00

[-]

halleyleow (53) · 7 years ago

I am lazy too. So mommy @elizacheng will scold me for being too lazy. 😅

$0.00

[-]

kennethtks (52) · 7 years ago

hack them back

$0.00

[-]

ackhoo (69) · 7 years ago

Ouch! Sorry it caused you so much grief... :(
But you got back on your feet pronto, which is a good thing! Cheer up, no worries, we are all behind you!! 💪

$0.00

[-]

superoo7 (64) · 7 years ago

Thanks haha, luckily I am not losing much

$0.00

[-]

karinzdailygrind (51) · 7 years ago

Oh dear...no wonder the bot is down. Glad that you managed to plug the leak and immediately rectify it. You are doing a great job of powering our bots and balancing it with your studies. Let this incident be a valuable lesson and not stop you from being more vigilant in future.

$0.00

[-]

superoo7 (64) · 7 years ago

Thanks @karinzdailygrind , appreciate it 😁

$0.00

[-]

fundurian (67) · 7 years ago

adui, guess i have to careful what i upload to github

$0.00

[-]

superoo7 (64) · 7 years ago (edited)

Facepalm myself, haha
Learn it the hard way 😅
I can revoke the push actually, but lazy to check the documentation, so I patch it. 😂

$0.00

[-]

ryivhnn (65) · 7 years ago

Silly bugger! Well at least you know better now XD Hope you didn't lose anything sensitive or too major :)

$0.00

[-]

superoo7 (64) · 7 years ago

Yeap learn it the hard way haha

$0.00

[-]

r3aperz (42) · 7 years ago

Same as me lazy to set password even thou got password also its a simple password. After ur case, i better change my password to more secure type. Dangerous yo!

$0.00

[-]

superoo7 (64) · 7 years ago

haha, the main security issue is that people are lazy

$0.00

[-]

teammalaysia (45) · 7 years ago

Thank you for sharing your posts with us. This post was curated by TeamMalaysia as part of our community support. Looking forward for more posts from you.

To support the growth of TeamMalaysia Follow our upvotes by using steemauto.com and follow trail of @myach

Vote TeamMalaysia witness bitrocker2020 using this link vote bitrocker2020 witness

$0.00

[-]

orangila (50) · 7 years ago

I have been there before so I understand the pain.... we are with you...

$0.00

[-]

superoo7 (64) · 7 years ago

I was a bit ignorant about security, first time being hack LOL

$0.00

[-]

gillianpearce (65) · 7 years ago (edited)

Sorry to hear that @superoo7 but glad you got it sorted. It's so easy to not heed the warnings . . . until it happens to you!

$0.00

[-]

superoo7 (64) · 7 years ago

Yeap, as simple as setting up a password. Never thought I would get hacked this way.

$0.00

1 vote

[-]

keciah (50) · 7 years ago

Oh no, that is terrible! Hopefully now that you have taken more security measures with the new database you won't have this problem again!

$0.00

[-]

superoo7 (64) · 7 years ago

Yeap, I shifted the server and close the loophole. So, I guess it is fine

$0.00

[-]

kamchore (70) · 7 years ago

All well that ends well, Thankfully you fixed your problem. It's a big lesson for all of don't be lazy on our work. Some people learn from their mistake and other people learn from people mistake. Thanks for Caring about this community to share information on this important topic. It is wise to take advantage of other mistake. keep sharing @superoo7. Best of luck

$0.00

[-]

superoo7 (64) · 7 years ago

Thanks for your support @kamchore, really appreciate it.

$0.00

[-]

nopenotagain (41) · 7 years ago

well and i was already paranoid about getting ping calls.. u seem quite fine for loosing a database :D

This I call a true monday.

$0.00

[-]

superoo7 (64) · 7 years ago

Not really fine, haha. It caused a bit of trouble, I guess I manage to sorted it out.

$0.00

1 vote

[-]

happycrazycon (63) · 7 years ago

Oh my. That was a painful thing to learn. But I'm glad to know it is fixed @superoo7 :) On the other hand, love the GIFs you used in this post, Hehe!

$0.00

[-]

superoo7 (64) · 7 years ago (edited)

Thanks @happycrazycon, I guess GIF helps to make the article looks for fun instead of all the technical terms that I use.

$0.00

[-]

happycrazycon (63) · 7 years ago

Agree that GIFs is fun and I think they cheer people up being a tad bit funny. Thanks for doing so much for #teammalaysia and all on this platform! Great day ahead!

$0.00

[-]

naquoya (67) · 7 years ago

That would be painful, but seems you were able to recover. The lesson is an important one. You won't make that mistake again, will you?

$0.00

[-]

superoo7 (64) · 7 years ago

I guess I wont do it again? 😅

$0.00

[-]

djlethalskillz (71) · 7 years ago

Ahhh man! What a bummer news so sorry to hear about that, hope u recover well and next time u hack them!

$0.00

[-]

superoo7 (64) · 7 years ago

lol that's not how hacking work haha. Thanks!

$0.00

[-]

djlethalskillz (71) · 7 years ago

lol I knowz, speedy recov!

$0.00

[-]

asherlee (48) · 7 years ago

thanks for fixing the problem gor gor @superoo7!

$0.00

[-]

gio6 (50) · 7 years ago

Sorry to hear mate, I guess we all underestimate bad people at times.

$0.00

[-]

appreciator (66) · 7 years ago

This post is sponsored by @appreciator in collaboration with #steemitbloggers. Keep up the good work

$0.00

[-]

duckeh (31) · 7 years ago

Where is your db hosted? Are you typically on the run && ip rules would be a hassle? You also can store your db connection info in a file locally so you dont have to type it in (like .pgpass)

$0.00

[-]

superoo7 (64) · 7 years ago

Hey, I am not using shared hosting. My database is hosted on VPS (Digital Ocean) , so I open up a port for development purpose.

$0.00

[-]

cryptonik (55) · 7 years ago

Oooops! Nice to read about fellow coder struggles, also I must go and check my servers now....lol

$0.00

[-]

superoo7 (64) · 7 years ago

Programmer are Lazy bum, I guess security is top priority.

$0.00

[-]

katebell001 (31) · 7 years ago

i have heard more of these stories in recent times lol...as a matter of fact heard some tech geeks on https://venomthreads.com are the best when it terms gaining, revoking and recovering access into a database and with a certification to show for it. i also have the believe too that it's only people with profound tech knowledge that can pull off stuffs like database hacks.

$0.00